--On Monday, November 28, 2011 10:07 PM +0100 Axel Birndt towerlexa@gmx.de wrote:
Am 28.11.2011 21:48, schrieb Quanah Gibson-Mount:
--On Monday, November 28, 2011 9:34 PM +0100 Axel Birndt towerlexa@gmx.de wrote:
But if i use ldapsearch with the following command i got nothing:
ldapsearch -b "" -s base 'objectclass=*'
ldap_sasl_interactive_bind_s: No such object (32)
It is clearly failing with anonymous binds. So yes, this would be an
ACL
issue. I would suggest you peruse your ACLs and fix accordingly.
Ok thanks. Of course i will fix my acl's, but in the moment its not clear for me how i've to change my acl's.
Here are my acls for the
olcDatabase={1}hdb,cn=config
olcAccess (5 values)
{0}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=2axelscompany, dc=ro" write by anonymous auth by self write by * none {1}to dn.base="" by * read {2}to dn.base="cn=subschema" by * read {3}to dn.base="cn=schema,cn=config" by * read {4}to * by dn="cn=admin,dc=2axels-company,dc=de" write by * read
Could you please double check, my acl's?
i've added the entrys {2} and {3} after the hint to make the schema and subschema readable for all, but i'am afraid i make a mistake.
These apply to your olcDatabase={1}hdb,cn=config database. They do not apply to your frontend database, which is where the rootDSE is stored, and its ACLs. You may want to look at the acls in olcDatabase={-1}frontend.ldif
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration